Re: [ippm] Lars Eggert's Discuss on draft-ietf-ippm-ioam-data-12: (with DISCUSS and COMMENT)

Lars Eggert <lars@eggert.org> Mon, 12 April 2021 06:59 UTC

Return-Path: <lars@eggert.org>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE2763A0CDB; Sun, 11 Apr 2021 23:59:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=eggert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id krxXdGtINOJf; Sun, 11 Apr 2021 23:59:16 -0700 (PDT)
Received: from mail.eggert.org (mail.eggert.org [IPv6:2a00:ac00:4000:400:211:32ff:fe22:186f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9B613A0CD9; Sun, 11 Apr 2021 23:59:15 -0700 (PDT)
Received: from [IPv6:2a00:ac00:4000:400:8430:ee31:d2a:d1fd] (unknown [IPv6:2a00:ac00:4000:400:8430:ee31:d2a:d1fd]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.eggert.org (Postfix) with ESMTPSA id F0ACF60032E; Mon, 12 Apr 2021 09:58:58 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=eggert.org; s=dkim; t=1618210739; bh=4R1kX+WIilGXgsKpOZhbZ9QsVcLTzI2yFk8DFC82nDA=; h=From:Subject:Date:In-Reply-To:Cc:To:References; b=X0/QJD8N346auyWLWdkHOS2y7eafivlQwt4LKaV61eVhJLYUO8TnBqLSIz0IVos2o mdnx35LaFkctp/eX3/ELXPYStSEKXs0WppmJLSlf3o/IXiZGnypmGFPUzeH5cfSgTh I/prVP/adfbwh+hLAmZwTGOU6rFixqd/UsjohQys=
From: Lars Eggert <lars@eggert.org>
Message-Id: <3D4CC7F2-66F5-4EE3-AFC0-315BD2C7E0D2@eggert.org>
Content-Type: multipart/signed; boundary="Apple-Mail=_A9B456A6-C937-46C3-ADCB-A183A6C3BEA3"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
Date: Mon, 12 Apr 2021 09:58:58 +0300
In-Reply-To: <BYAPR11MB258481FC2FB8EC909D59969EDA719@BYAPR11MB2584.namprd11.prod.outlook.com>
Cc: The IESG <iesg@ietf.org>, "draft-ietf-ippm-ioam-data@ietf.org" <draft-ietf-ippm-ioam-data@ietf.org>, "ippm-chairs@ietf.org" <ippm-chairs@ietf.org>, "ippm@ietf.org" <ippm@ietf.org>, Al Morton <acm@research.att.com>
To: "Frank Brockners (fbrockne)" <fbrockne@cisco.com>
References: <161667538893.15241.7322339760692550091@ietfa.amsl.com> <BYAPR11MB258481FC2FB8EC909D59969EDA719@BYAPR11MB2584.namprd11.prod.outlook.com>
X-Mailer: Apple Mail (2.3654.60.0.2.21)
X-MailScanner-ID: F0ACF60032E.A5B54
X-MailScanner: Found to be clean
X-MailScanner-From: lars@eggert.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/CVGSH1hWpa2WgU3CN3h0x8iemP4>
Subject: Re: [ippm] Lars Eggert's Discuss on draft-ietf-ippm-ioam-data-12: (with DISCUSS and COMMENT)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Apr 2021 06:59:21 -0000

Hi,

On 2021-4-11, at 19:46, Frank Brockners (fbrockne) <fbrockne@cisco.com> wrote:
>> Not requiring at least one mandatory-to-implement trace option type is highly
>> problematic, since it creates two incompatible flavors of this standard.
>> Preventing bifurcation seems to trump the desire for allowing (minor?)
>> optimizations.
> 
> ...FB: There seems to be some confusion and potential misunderstanding here: The two different Trace Option-Types would not lead to two incompatible flavors of the standard:
> Each Trace Option-Type fills in the exact same IOAM data-fields - i.e. " node data list [i]" looks the exact same whether pre-allocated or incremental trace option types are used.

I was with you until here, thinking I had misunderstood the draft.

> Each Trace Option-Type just handles a different “bucket” in the packet.

But then this sentence confused me again.

This is what I am trying to understand: Let's assume IOM data gets added to a packet by an implementation using the pre-allocated format. It now gets forwarded to another node with an implementation using the incremental format. Can that second implementation, access, parse and update the IOAM information in the packet? Is the reverse also possible (first stack is using incremental format, second stack is using preallocated format?)

If the answer is yes to both of these, I have misunderstood the spec, and my discuss is moot.

If not, then I don't see how a deployment can mix hardware- and software-based forwarders?

> And each Trace Option-Type caters for a different type of transit node: Software-based forwarders and Hardware-based forwarders. The differences between the two are not negligible. Memcopy is expensive for a software forwarder, as is a pointer-lookup in the packet for a hardware forwarder. The fact that there are two Option-Types that cater for different types of transit nodes is the result of long discussions. The two different ways to carry the data-fields is to ensure that IOAM can be deployed on a wide variety of devices. I'm afraid, that if we'd drop one variant, or make one variant mandatory, all we'd get is a slowed down adoption of the standard, because we would restrict IOAM tracing to either software forwarders or hardware forwarders.

I fully understand that at the moment, there is a performance difference. If this technology actually takes off, I believe that both hardware and software techniques will be developed that will mitigate those performance differences. This has played out time and time again for different standars.

> That said, one thing that we should underline in the document is the fact that encap and decap nodes SHOULD be capable of inserting and removing both Trace-Option types. That way, there won’t be any compatibility challenge at all. Transit nodes of different type (HW or SW) would write the information into "their" type of bucket. Extracting the information at the decap node would be common in any case.

You'd need to mandate that both must be inserted into the packets, and on decap, you'd need to specify how an implementation is supposed to merge the information contained in the two different option types to construct information about what happened on the path.

> 
>> 
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>> 
>> Section 1, paragraph 4, comment:
>>>   IOAM use cases and mechanisms have expanded as this document matured,
>>>   resulting in additional flags and options that could trigger creation
>>>   of additional packets dedicated to OAM.  The term IOAM continues to
>>>   be used for such mechanisms, in addition to the "in-situ" mechanisms
>>>   that motivated this terminology.
>> 
>> Suggest to rephrase this expanded view on IAM in a way that does not tie the
>> description to the time period during which this soon-to-be-archival document
>> was edited.
> 
> ...FB: Thanks. Good suggestion - which we'll reflect in the next revision.
> 
>> 
>> Section 5.2, paragraph 6, comment:
>>>   A transit node MUST ignore IOAM-Option-Types that it does not
>>>   understand.  A transit node MUST NOT add new IOAM-Option-Types to a
>>>   packet, MUST NOT remove IOAM-Option-Types from a packet, and MUST
>> NOT
>>>   change the IOAM-Data-Fields of an IOAM Edge-to-Edge Option-Type.
>> 
>> I'm surprised that IOAM data isn't authenticated or even integrity-protected at
>> all. Relying on RFC2119 language alone seems a pretty weak protection.
> 
> ...FB: Integrity protection of IOAM data fields is handled in a sister document: draft-brockners-ippm-ioam-data-integrity.

Thanks, I missed that. But that is an informational reference to an individual I-D. I'm still surprised that integrity protection of IOAM data is not more of a concern for the architecture that is being proposed here?

>> 
>> I'll note that cryptographically authenticating IOM data would probably result in
>> a system that wouldn't need the concept of namespaces, because keys would
>> automatically serve that purpose. (A device can't update an IOAM data item if it
>> doesn't have the key to authenticate the update with.)
> 
> ...FB: Looking at the way you interpreted the meaning of namespaces, we'll probably need to add some additional explanation of  the role of namespaces.

I think that would be very helpful. I think Ben's ballot position goes into more detail here, so please check with him on this.

> Section 5.4, paragraph 11, comment:
>>>   o  Time of day when the packet was processed by the node as well as
>>>      the transit delay.  Different definitions of processing time are
>>>      feasible and expected, though it is important that all devices of
>>>      an in-situ OAM domain follow the same definition.
>> 
>> I think "important" is an understatement, this seems required? Also, capturing
>> time-of-day seems to require synchronized clocks.
> 
> ...FB: As usual, the answer is "in depends". If one is just interested in capturing jitter, then one might also do with non-synchronized clocks.

I'd suggest that clock sync should then be recommended, with the caveat that unsync'ed clocks may be allowed when jitter is all that will be evaluated for.

> Section 5.4.2.12, paragraph 2, comment:
>>> 5.4.2.12.  buffer occupancy
>>> 
>>>   The "buffer occupancy" field is a 4-octet unsigned integer field.
>>>   This field indicates the current status of the occupancy of the
>>>   common buffer pool used by a set of queues.  The units of this field
>>>   are implementation specific.  Hence, the units are interpreted within
>>>   the context of an IOAM-Namespace and/or node-id if used.  The authors
>>>   acknowledge that in some operational cases there is a need for the
>>>   units to be consistent across a packet path through the network,
>>>   hence it is RECOMMENDED for implementations to use standard units
>>>   such as Bytes.
>> 
>> There are other "standard units" here, such as packets. You'd need to
>> recommend a specific standard unit and not just give an example.
> 
> ...FB: The topic of "units" for IOAM data fields has been discussed quite a bit and not prescribing units is the result of this discussion. The approach that the draft takes is to "avoid specifying a unit unless you have to", because it is quite easy to translate units in backend analytics systems. As long as one properly understands which unit is used for a particular field, backend systems can easily interpret the data and there is no need to prescribe a particular unit.

Yes, but that "as long as" qualification is a pretty big one. It would mean that the backend systems need to have detailed knowledge of what each device along the path is configured to use as units. That seems a pretty dangerous assumoption?

>> Given that the max. value for microseconds is 999999, using a 32-bit field leaves
>> the top eight bits unused.
> 
> ...FB: True. Are you suggesting that we'd rather make the top 8-bits "reserved" because they will never be used anyway?

I'm just pointing it out, in case you'd want to use those eight bits for second-level info.

Thanks,
Lars